Thursday, December 3, 2015

Netiquette IQ Technical Definition Of Darkbots And A US-CERT Cyber Alert For A New One

Systems Affected

Microsoft Windows

Overview

Dorkbot is a botnet used to steal online payment, participate in distributed
denial-of-service (DDoS) attacks, and deliver other types of malware to
victims’ computers. According to Microsoft, the family of malware used in this
botnet “has infected more than one million personal computers in over 190
countries over the course of the past year.” The United States Department of
Homeland Security (DHS), in collaboration with the Federal Bureau of
Investigation (FBI) and Microsoft, is releasing this Technical Alert to provide
further information about Dorkbot.

Description

Dorkbot-infected systems are used by cyber criminals to steal sensitive
information (such as user account credentials), launch denial-of-service (DoS)
attacks, disable security protection, and distribute several malware variants
to victims’ computers. Dorkbot is commonly spread via malicious links sent
through social networks instant message programs or through infected USB
devices.
In addition, Dorkbot’s backdoor functionality allows a remote attacker to
exploit infected system. According to Microsoft’s analysis, a remote attacker
may be able to:

Download and run a file from a specified URL;

Collect logon information and passwords through form
grabbing, FTP, POP3, or Internet Explorer and Firefox cached login
details; or

Impact

A system infected with Dorkbot may be used to send spam, participate in DDoS
attacks, or harvest users' credentials for online services, including banking
services.

Solution

Users are advised to take the following actions to remediate Dorkbot
infections:

Use and maintain anti-virus software – Anti-virus software
recognizes and protects your computer against most known viruses. Even
though Dorkbot is designed to evade detection, security companies are
continuously updating their software to counter these advanced threats.
Therefore, it is important to keep your anti-virus software up-to-date. If
you suspect you may be a victim of Dorkbot, update your anti-virus
software definitions and run a full-system scan. (See Understanding Anti-Virus
Software for more information.)

Change your passwords – Your original
passwords may have been compromised during the infection, so you should
change them. (See Choosing
and Protecting Passwords for more information.)

Keep your operating system and application software
up-to-date
– Install software patches so that attackers cannot take advantage of
known problems or vulnerabilities. You should enable automatic updates of
the operating system if this option is available. (See Understanding Patches
for more information.)

Use anti-malware tools – Using a legitimate
program that identifies and removes malware can help eliminate an
infection. Users can consider employing a remediation tool (see example
below) to help remove Dorkbot from their systems.

Disable Autorun­ – Dorkbot tries to use the Windows Autorun function to
propagate via removable drives (e.g., USB flash drive). You can disable
Autorun to stop the threat from spreading.

Another Special Announcement - Tune in to my upcoming radio interview, Sunday, December 6th at 8 a.m. on Rider University's station, www.1077thebronc.com I will be discussing my recent book, above on "Your Career Is Calling", hosted by Wanda Ellett.

In addition to this blog, Netiquette IQ
has a website with great
assets which are being added to on a regular basis. I have authored the
premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to
Improve,
Enhance and Add Power to Your Email". My new book, “You’re Hired! Super
Charge
Your Email Skills in 60 Minutes. . . And Get That Job!” has just been
published and will be followed by a trilogy of books on Netiquette for
young people. You can view my
profile, reviews of the book and content excerpts at:

In addition to this blog, I maintain a radio show on BlogtalkRadioand an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a
member of the International Business Etiquette and Protocol Group and
Minding Manners among others. I regularly consult for the Gerson Lehrman
Group, a worldwide network of subject matter experts and I have been
contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ andPSG of Mercer County, NJ.

I am the president of Tabula Rosa Systems,
a “best of breed” reseller of products for communications, email,
network management software, security products and professional
services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.

Over
the past twenty-five years, I have enjoyed a dynamic and successful
career and have attained an extensive background in IT and electronic
communications by selling and marketing within the information
technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
=============================================================